package com.huo.base.controller;

import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * http://localhost:10061/resp/nestPage
 */
@Controller
@RequestMapping("/resp")
public class ResponseController {

    @GetMapping(value = "/frame")
    public String fame(HttpServletRequest request, HttpServletResponse response){
        //谷歌浏览器不支持ALLOW-FROM ；https://stackoverflow.com/questions/10205192/x-frame-options-allow-from-multiple-domains
        response.setHeader( "X-Frame-Options","ALLOW-FROM https://example.com/" );//相同的域名
       //response.setHeader( "X-Frame-Options","SAMEORIGIN" );//相同的域名
       // response.setHeader( "x-frame-options","deny" );//设置为deny nestPage.html页面中的iframe则不能嵌套frame.html
        response.setHeader( "x-frame-options","deny" );
        response.setHeader( "x-frame-options","sameorigin" );
        return "frame";
    }

    /**
     * 嵌套frame.html页面
     * @param request
     * @param response
     * @return
     */
    @GetMapping("/nestPage")
    public String qiantao(HttpServletRequest request, HttpServletResponse response){
        return "nestPage";
    }

}
